Articles
Notes, research, and commentary from the SecProve team.
- •9 min read
Prompt injection is universal — the exploit that lands isn't, and the fix is neither
Every LLM is vulnerable to prompt injection, but the specific payload that succeeds depends on the model's training data, alignment, safety classifiers, and tokenizer. That breaks two common assumptions at once: that a defense tuned on one model transfers to another, and that switching providers makes the problem go away. The durable controls aren't model-specific patches — they're architectural.
ai-securityprompt-injectionllm-securityred-teamingarchitecture - •8 min read
AI labs don't want the cybersecurity market — they want the bottleneck
OpenAI's Daybreak and Anthropic's Mythos look like a competitive assault on the security industry. The math says otherwise. Cyber is too small to be the prize — it's the lock on every door the labs need to walk through, and that changes which seams defenders should watch.
ai-securitymarket-analysisvendor-landscapeopinion - •7 min read
Security+ Practice That Tells You Why You Missed — Not Just What
Free CompTIA Security+ (SY0-701) practice with diagnostic feedback. Exam Autopsy, First Answer Shadow Mode, and Trap Immunity tell you why you missed each question, not just what.
cert-prepsecurity-plussy0-701comptialearninglaunch - •11 min read
How Cybersecurity Cert Exam Traps Work: A Taxonomy of 25 Distractor Patterns
Every wrong answer on Security+, CISSP, CySA+, or CCSP slots into one of 25 distractor patterns — and those 25 group into 6 underlying mechanisms. Once you can name the trap, you stop falling for it.
cert-prepexam-prepsecurity-pluscisspdistractorstaxonomytest-taking - •9 min read
How to start a career in ICS/OT cybersecurity
A practitioner-built path into industrial cybersecurity — the foundational skills you need first, the cert ladder that actually signals competence, the SANS and CISA training worth the time, the conferences where the community meets, and the 12-month sequence that gets you from interested to credible.
ot-securityicscareercertificationstraining - •7 min read
OT security isn't IT security in a hard hat. It's a different discipline.
IT and OT cybersecurity invert the priorities. IT optimizes for confidentiality first; OT optimizes for safety and availability — a compromised PLC can hurt people. The protocols are different, the device lifecycles are different, the threat actors are different. Most IT-trained practitioners who 'do OT now' get hurt by the conflation.
ot-securityicspurdue-modeliec-62443opinion - •7 min read
The kill chain is taught as a sequence. Practitioners use it as a story.
Every textbook teaches the Cyber Kill Chain as seven linear stages. Every cert exam tests memorization of the order. That isn't how IR teams, detection engineers, or CISOs actually use it — and the mismatch wastes a generation of junior analysts trying to force real intrusions into a sequence that doesn't exist.
kill-chainincident-responsedetectionframeworksopinion - •7 min read
21 spoofing attacks. One engineering omission.
Reference cards organize spoofing attacks by OSI layer — DNS at 7, ARP at 2, GPS at 1, twenty-one in total. They're not twenty-one attacks. They're twenty-one places where a protocol decided to act on a sender's claim without verifying it. The fifty-year history of network security is bolting cryptographic identity binding onto each one, in order.
spoofingauthenticationcryptographynetwork-securityopinion - •6 min read
Chess has ELO. Forecasting has Brier. Cybersecurity should have calibration.
Knowing the right answer matters. Knowing when you don't know it matters more. Introducing the SecProve Calibration Score — a second rating, alongside Knowledge Rating, that measures how well your confidence tracks your actual accuracy.
researchratinglearningopinion - •7 min read
Cybersecurity roles aren't silos — they're one connected system
Most of us learn cybersecurity as a list of specializations — SOC, AppSec, IAM, pentest, GRC. The incidents we keep failing to prevent don't respect that mental model. Why every security career is a web, not a ladder, and what the map actually looks like.
careerssystems-thinkingdomain-mapopinion - •5 min read
Why cybersecurity training is failing practitioners
Most security learning splits into passive reading or bursty labs — neither builds durable skill. The field is missing the daily retrieval layer every other competitive discipline takes for granted, and AI assistants make the gap more dangerous, not less.
traininglearningresearchopinion - •3 min read
Welcome to SecProve
A brief introduction to why this platform exists and what you can expect from the content we publish here.
announcementsmeta